Java, amirite guys



  • More Java fun

    Google developers have confirmed a cryptographic vulnerability in the Android operating system that researchers say could generate serious security glitches on hundreds of thousands of end user apps.

    This weakness in Android's Java Cryptography Architecture is the root cause of a Bitcoin transaction that reportedly was exploited to pilfer about $5,720 worth of bitcoins out of a digital wallet last week. The disclosure, included in a blog post published Wednesday by Google security engineer Alex Klyubin, was the first official confirmation of the Android vulnerability since Ars and others reported the incident last weekend. Klyubin warned that other apps might also be compromised unless developers change the way they access PRNGs (pseudo random number generators).

    We have now determined that applications which use the Java Cryptography Architecture (JCA) for key generation, signing, or random number generation may not receive cryptographically strong values on Android devices due to improper initialization of the underlying PRNG
    Java probably uses the xkcd code for random number generation.

  • Considered Harmful

    I'm curious if there's legal precedent for stolen bitcoins. I thought they were the currency of the deep web precisely because they made it difficult to track ownership.


  • Discourse touched me in a no-no place

    @El_Heffe said:

    Java probably uses the xkcd code for random number generation.
    It's astoundingly easy to fuck up security code, and many of the ways to fuck it up still appear to work just fine. (The others just fail in a heap and never tell you why.)



  • So it's an ineffective software PRNG. While a major bug, it isn't that uncommon.
    Nowhere in the article did I read that Java was the cause; it looks more like a bug in Android itself or one of the open-source software packages it uses (since the article states that apps that don't use the Java interfaces but directly call OpenSSL are also affected).

    [edit]
    This article suggests that it was a problem in the Android implementation of the Java class SecureRandom, so it's a security leak in Android, not Java in general. It's also not Java who's to blame.
    Would you blame C if printf in some OS contained a critical security bug?



  • @joe.edwards said:

    I'm curious if there's legal precedent for stolen bitcoins. I thought they were the currency of the deep web precisely because they made it difficult to track ownership.
    Bitcoin is NOT anonymous! Every single bitcoin transaction is saved within bitcoin for all eternity! There is a Dan Kaminsky security conference talk on YouTube about it.



  • @joe.edwards said:

    I'm curious if there's legal precedent for stolen bitcoins. I thought they were the currency of the deep web precisely because they made it difficult to track ownership.

    Bitcoin transactions cannot be undone, unlike credit card transactions. (That's another reason people like to use them as currency)



  • Put simply, the interface occasionally served up the same random number twice. The bitcoin wallets all happen to pull two random numbers quickly, which triggered this bug more often.

    It just so happens that having two messages signed with the same private key using the same 'random' number allows recovery of the private key.


  • Trolleybus Mechanic

    @immibis said:

    Bitcoin transactions cannot be undone, unlike credit card transactions. (That's another reason people like to use them as currency)

    Random "I only half understand Bitcoin" question that I'm too lazy to Google for and don't have the patience to deal with Bitcoin fanatics to ask:

    From what I understand, someone makes a transaction. Other people verify the transaction, and in doing so generate "new" Bitcoins for their effort. Eventually all Bitcoins will be generated.

    What's to stop someone from DOSing the system by setting up two accounts, then using a bot to initiate a billion back and forth transactions with 0.0001 Bitcoins? Flood the system with a billion verification requests?

    Since this is something I just thought about while sipping on an el-cheapo latte I made myself by microwaving a glass of milk and dumping some instant coffee in it whilst watching angry movie reviewers on the Internet, I assume the people who actually know what they're doing have thought of this?


  • Discourse touched me in a no-no place

    @Lorne Kates said:

    Random "I only half understand Bitcoin" question that I'm too lazy to Google for and don't have the patience to deal with Bitcoin fanatics to ask:
    Avoiding the buttcoin fanatics is a laudable goal.

    @Lorne Kates said:

    From what I understand, someone makes a transaction. Other people verify the transaction, and in doing so generate "new" Bitcoins for their effort. Eventually all Bitcoins will be generated.

    What's to stop someone from DOSing the system by setting up two accounts, then using a bot to initiate a billion back and forth transactions with 0.0001 Bitcoins? Flood the system with a billion verification requests?

    Since this is something I just thought about while sipping on an el-cheapo latte I made myself by microwaving a glass of milk and dumping some instant coffee in it whilst watching angry movie reviewers on the Internet, I assume the people who actually know what they're doing have thought of this?

    You don't get new bitcoins for verifying transactions; that's a separate activity (termed “mining”). On the other hand, you're absolutely right that someone doing masses of microtransactions would DOS the system. I believe this has already proved to be something of a problem, as the incentives for adding computing resources to the system tend to favor mining instead of transaction processing.

    I think I'll stick to my existing fiat currency for now.


  • Considered Harmful

    So as the number of unmined bitcoins dwindles, will cracking the crypto on other bitcoin accounts become more feasible/profitable than bitcoin mining?



  • The whole system will collapse long before that comes up. ;)

    But that is the theory, yes.



  • @Lorne Kates said:

    What's to stop someone from DOSing the system by setting up two accounts, then using a bot to initiate a billion back and forth transactions with 0.0001 Bitcoins? Flood the system with a billion verification requests?

    Transactions are not (contrary to what some misinformation claims) completely free. You can add a fee (around the order of 0.0005 BTC) to make your transactions go faster, which the miners collect. In some circumstances (like if the transaction volume is very small, or you received the coins not too long ago, or the size of the transaction in bytes is too big) it's mandatory, so if you tried to spam the network with small transactions you'd run out of bitcoins sooner or later.

    And yes, this means bitcoin is not really that useful for microtransactions, though still a lot cheaper than PayPal or credit cards.

    The way I understand it (I ought to read more on that), when you do a transaction it's broadcast through the network via a P2P protocol, and the people who are mining put them in a temporary "queue". Then they grab the most profitable transactions (the ones with the largest fees and smaller sizes) and try to create and solve a "block", which is a list of transactions (with a maximum size). If your transaction never gets put in a block, other people won't accept it. Solving means finding a SHA256 hash with certain characteristics, to prove that you have processing power (proof of work). Whoever solves a block first gets the fees and an extra 25 BTC generated.



  • @Lorne Kates said:

    What's to stop someone from DOSing the system by setting up two accounts, then using a bot to initiate a billion back and forth transactions with 0.0001 Bitcoins? Flood the system with a billion verification requests?
    You have to pay the verification fees, so your DOS would rack up charges until your bitcoins are zero.

    Here is that Dan Kaminsky talk I mentioned https://www.youtube.com/watch?v=gQoykhNoBbY He talks about the scalability of bitcoin, how it isn't anonymous, and demonstrates some exploits.



  • @esoterik said:

    @Lorne Kates said:

    What's to stop someone from DOSing the system by setting up two accounts, then using a bot to initiate a billion back and forth transactions with 0.0001 Bitcoins? Flood the system with a billion verification requests?
    You have to pay the verification fees, so your DOS would rack up charges until your bitcoins are zero.

    Here is that Dan Kaminsky talk I mentioned https://www.youtube.com/watch?v=gQoykhNoBbY He talks about the scalability of bitcoin, how it isn't anonymous, and demonstrates some exploits.

    AFAIK, you only have to pay verification fees because most Bitcoin software will ignore transactions where it deems the fee is too low, which would make it impossible to get verified. (the extra per-transaction work done by the verifier ("miner") is negligible; maybe this is a form of the ultimatum game, http://en.wikipedia.org/wiki/Ultimatum_game)

    Also the reference client will not bother to relay transactions if it considers the fee to be too low, so many miners won't even see your transaction. If you had enough processing power to verify transactions yourself in a reasonable time, you probably could spam transactions with no fee. Also, every future Bitcoin node would have to download all of your spammed transactions like they do with every other transaction that's ever happened.

    Also by making every transaction that's ever happened be downloaded by every node, Bitcoin is going to DoS itself anyway, no need for someone to do it maliciously.


  • Considered Harmful

    @immibis said:

    @esoterik said:

    @Lorne Kates said:

    What's to stop someone from DOSing the system by setting up two accounts, then using a bot to initiate a billion back and forth transactions with 0.0001 Bitcoins? Flood the system with a billion verification requests?
    You have to pay the verification fees, so your DOS would rack up charges until your bitcoins are zero.

    Here is that Dan Kaminsky talk I mentioned https://www.youtube.com/watch?v=gQoykhNoBbY He talks about the scalability of bitcoin, how it isn't anonymous, and demonstrates some exploits.

    AFAIK, you only have to pay verification fees because most Bitcoin software will ignore transactions where it deems the fee is too low, which would make it impossible to get verified. (the extra per-transaction work done by the verifier ("miner") is negligible; maybe this is a form of the ultimatum game)

    Also the reference client will not bother to relay transactions if it considers the fee to be too low, so many miners won't even see your transaction. If you had enough processing power to verify transactions yourself in a reasonable time, you probably could spam transactions with no fee. Also, every future Bitcoin node would have to download all of your spammed transactions like they do with every other transaction that's ever happened.

    Also by making every transaction that's ever happened be downloaded by every node, Bitcoin is going to DoS itself anyway, no need for someone to do it maliciously.

    Even doing your own verification isn't free. It takes an appreciable number of watt-hours of computation, so the costs shift to your electric bill.


  • @joe.edwards said:

    @immibis said:
    @esoterik said:

    @Lorne Kates said:

    What's to stop someone from DOSing the system by setting up two accounts, then using a bot to initiate a billion back and forth transactions with 0.0001 Bitcoins? Flood the system with a billion verification requests?
    You have to pay the verification fees, so your DOS would rack up charges until your bitcoins are zero.

    Here is that Dan Kaminsky talk I mentioned https://www.youtube.com/watch?v=gQoykhNoBbY He talks about the scalability of bitcoin, how it isn't anonymous, and demonstrates some exploits.

    AFAIK, you only have to pay verification fees because most Bitcoin software will ignore transactions where it deems the fee is too low, which would make it impossible to get verified. (the extra per-transaction work done by the verifier ("miner") is negligible; maybe this is a form of the ultimatum game)

    Also the reference client will not bother to relay transactions if it considers the fee to be too low, so many miners won't even see your transaction. If you had enough processing power to verify transactions yourself in a reasonable time, you probably could spam transactions with no fee. Also, every future Bitcoin node would have to download all of your spammed transactions like they do with every other transaction that's ever happened.

    Also by making every transaction that's ever happened be downloaded by every node, Bitcoin is going to DoS itself anyway, no need for someone to do it maliciously.

    Even doing your own verification isn't free. It takes an appreciable number of watt-hours of computation, so the costs shift to your electric bill.
    "with no [transaction] fee" != "free"
